[54321] in North American Network Operators' Group
Re: misbehaving DNS resolvers
daemon@ATHENA.MIT.EDU (Peter van Dijk)
Sat Dec 21 09:23:04 2002
Date: Sat, 21 Dec 2002 15:22:32 +0100
From: Peter van Dijk <peter@dataloss.nl>
To: nanog@nanog.org
Mail-Followup-To: nanog@nanog.org
In-Reply-To: <20021221012635.GB59972@dataloss.nl>
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, Dec 21, 2002 at 02:26:36AM +0100, Peter van Dijk wrote:
> over the last week I have been seeing more and more resolvers (all
> that I know about are BIND but I'm not drawing conclusions yet) send
> my nameservers more and more *identical* queries, a *lot* of them.
>
> Just to keep it short: take a look at
> http://www.dataloss.nl/dnsoffenders/ and
> http://www.dataloss.nl/dnsoffenders2/
>
> If you notice any of your boxes in those lists with a high query count
> (dnsoffenders is measured over about 60-80 minutes, dnsoffenders2 is
> more like 30 minutes) please contact me. Thank you.
Vincent Schonau reports that 'fetch-glue no;' in the BIND config seems
to help (on BIND 8.3.4). If you are listed on my page, please try this
configuration option, wait for a stats update and see if it helps.
Thank you.
Greetz, Peter
--
peter@dataloss.nl | http://www.dataloss.nl/ | Undernet:#clue
http://www.blinkenlights.nl/party/ - birthday party (page in Dutch)
all geeks invited - send mail to party@blinkenlights.nl for more info
